def test_invalid_perm(self): self.login_as(self.user) invalid_perm = randstring(1) while invalid_perm == 'r': invalid_perm = randstring(1) # test add url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = { "user": self.admin_email, "path": self.user_folder_path, "perm": invalid_perm } resp = self.client.post(url, data) self.assertEqual(400, resp.status_code) invalid_perm = randstring(2) while invalid_perm == 'rw': invalid_perm = randstring(2) # test modify url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = 'user=%s&path=%s&perm=%s' % (self.admin_email, self.user_folder_path, invalid_perm) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(400, resp.status_code)
def setUp(self): self.login_as(self.admin) # create group for admin user self.admin_group_1_name = randstring(6) self.admin_group_1_id = ccnet_threaded_rpc.create_group(self.admin_group_1_name, self.admin.email) # create another group for admin user self.admin_group_2_name = randstring(6) self.admin_group_2_id = ccnet_threaded_rpc.create_group(self.admin_group_2_name, self.admin.email) # create repo for admin user self.admin_repo_name = randstring(6) r = seafile_api.get_repo(self.create_repo(name=self.admin_repo_name, desc='', username=self.admin.email, passwd=None)) self.admin_repo_id = r.id # set common user as staff in admin user's group ccnet_threaded_rpc.group_add_member(self.admin_group_1_id, self.admin.email, self.user.email) ccnet_threaded_rpc.group_set_admin(self.admin_group_1_id, self.user.email) # add common user to admin user's another group ccnet_threaded_rpc.group_add_member(self.admin_group_2_id, self.admin.email, self.user.email) # share admin user's repo to common user seafile_api.share_repo(self.admin_repo_id, self.admin.email, self.user.email, 'rw')
def test_rename_file_with_invalid_folder_perm(self): if not LOCAL_PRO_DEV_ENV: return # create a file as old file in user repo sub-folder old_file_name = randstring(6) seafile_api.post_empty_file(repo_id=self.repo_id, parent_dir=self.folder_path, filename=old_file_name, username=self.user_name) # share user's repo to admin with 'rw' permission seafile_api.share_repo(self.repo_id, self.user_name, self.admin_name, 'rw') # set sub-folder permisson as 'r' for admin seafile_api.add_folder_user_perm(self.repo_id, self.folder_path, 'r', self.admin_name) # admin can visit old file with 'r' permission old_file_path = posixpath.join(self.folder_path, old_file_name) assert seafile_api.check_permission_by_path(self.repo_id, old_file_path, self.admin_name) == 'r' # login as admin, then rename a 'r' permission old file self.login_as(self.admin) new_name = randstring(6) data = {'operation': 'rename', 'newname': new_name} resp = self.client.post(self.url + '?p=' + old_file_path, data) self.assertEqual(403, resp.status_code)
def test_create_in_encrypted_lib_with_invalid_password(self): password = randstring(8) encrypted_repo_id = seafile_api.create_repo( 'encrypted_repo_name', '', self.user_name, password) dirname = randstring(8) seafile_api.post_dir(repo_id=encrypted_repo_id, parent_dir='/', dirname=dirname, username=self.user_name) self.login_as(self.user) url = reverse("api2-dir-sub-repo", args=[encrypted_repo_id]) # test invalid password argument args = "?p=/%s&name=%s&invalid_password=%s" % (dirname, dirname, password) resp = self.client.get(url + args) self.assertEqual(400, resp.status_code) # test wrong password args = "?p=/%s&name=%s&password=%s" % (dirname, dirname, 'invalid_password') resp = self.client.get(url + args) self.assertEqual(400, resp.status_code) json_resp = json.loads(resp.content) assert json_resp['error_msg'] == 'Wrong password' self.remove_repo(encrypted_repo_id)
def test_invalid_user(self): self.login_as(self.user) invalid_user = randstring(6) + '@' + randstring(6) + '.com' # test add url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = { "user": invalid_user, "path": self.user_folder_path, "perm": self.perm_rw } resp = self.client.post(url, data) self.assertEqual(404, resp.status_code) # test modify url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = 'user=%s&path=%s&perm=%s' % (invalid_user, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) # test delete url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = 'user=%s&path=%s' % (invalid_user, self.user_folder_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code)
def create_user(self): username = '******' % randstring(20) password = randstring(20) data = {'password': password} self.admin_put(urljoin(ACCOUNTS_URL, username), data=data, expected=201) return _User(username, password)
def setUp(self): self.user_name = self.user.username self.tmp_email = '*****@*****.**' % randstring(10) self.password = randstring(10) self.url = reverse('api-v2.1-admin-user', args=[self.tmp_email]) ccnet_api.add_emailuser(self.tmp_email, self.password, 0, 0) self.clear_cache()
def test_can_not_transfer_repo_to_unregistered_user(self): self.login_as(self.user) url = reverse("api2-repo-owner", args=[self.user_repo_id]) unregistered_user = '******' % (randstring(6), randstring(6)) data = 'owner=%s' % unregistered_user resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code)
def setUp(self): self.user_email = self.user.username self.admin_email = self.admin.username tmp_admin_email = '%s@%s.com' % (randstring(6), randstring(6)) ccnet_api.add_emailuser(tmp_admin_email, randstring(6), 1, 1) self.tmp_admin_email = tmp_admin_email AdminRole.objects.all().delete()
def test_unshare_with_unregistered_user(self): self.share_folder_to_user_and_group() self.login_as(self.user) unregistered_user = '******' % (randstring(6), randstring(6)) resp = self.client.delete( '/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (self.repo.id, self.folder, unregistered_user)) self.assertEqual(200, resp.status_code)
def test_modify_shared_repo_with_unregistered_user(self): self._add_shared_items() self.login_as(self.user) unregistered_user = '******' % (randstring(6), randstring(6)) resp = self.client.post( '/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (self.repo.id, self.folder, unregistered_user), {'permission': 'r'}) self.assertEqual(400, resp.status_code)
def setUp(self): self.login_as(self.admin) self.user_name = self.user.username self.admin_name = self.admin.username self.group_id = self.group.id self.repo_id = self.repo.repo_id self.new_user = '******' % (randstring(6), randstring(6)) self.library_url = reverse('api-v2.1-admin-library', args=[self.repo_id]) self.admin_log_url = reverse('api-v2.1-admin-admin-logs')
def test_can_not_create_if_not_admin(self): if not LOCAL_PRO_DEV_ENV: return self.login_as(self.user) email = '%s@%s.com' % (randstring(6), randstring(6)) data = {'email': email, 'password': randstring(6)} resp = self.client.post(self.org_users_url, data) self.assertEqual(403, resp.status_code)
def test_can_not_create_by_other_punctuation(self): self.login_as(self.admin) url = reverse('api-v2.1-admin-groups') other_punctuation = """!"#$%&()*+,/:;<=>?@[\]^`{|}~""" group_name = randstring(2) + random.choice( other_punctuation) + randstring(2) data = {'group_name': group_name, 'group_owner': self.user.email} resp = self.client.post(url, data) self.assertEqual(400, resp.status_code)
def setUp(self): org_name = randstring(6) org_url_prefix = randstring(6) tmp_user = self.create_user(email='%s@%s.com' % (randstring(6), randstring(6))) org_creator = tmp_user.username org_id = ccnet_api.create_org(org_name, org_url_prefix, org_creator) self.org = ccnet_api.get_org_by_id(org_id) self.url = reverse('api-v2.1-admin-organization', args=[self.org.org_id]) self.login_as(self.admin)
def test_can_create_by_limit_punctuation(self): limit_punctuation = """-'_.""" new_group_name = randstring(2) + random.choice(limit_punctuation) + randstring(2) resp = self.client.post(self.url, {'name': new_group_name}) self.assertEqual(201, resp.status_code) json_resp = json.loads(resp.content) assert json_resp['name'] == new_group_name assert json_resp['owner'] == self.user.email self.remove_group(json_resp['id'])
def test_unshare_repo_with_unregistered_user(self): self._add_shared_items() self.login_as(self.user) unregistered_user = '******' % (randstring(6), randstring(6)) resp = self.client.delete('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % ( self.repo.id, self.folder, unregistered_user )) self.assertEqual(200, resp.status_code)
def test_add_remove_group_with_blank_and_hyphen(self): data = {'group_name': randstring(4) + '-' + randstring(4) + ' ' + randstring(4)} info = self.put(GROUPS_URL, data=data).json() self.assertTrue(info['success']) group_id = info['group_id'] self.assertGreater(group_id, 0) url = urljoin(GROUPS_URL, str(group_id)) self.delete(url) # check group is really removed groups = self.get(GROUPS_URL).json()['groups'] for group in groups: self.assertNotEqual(group['id'], group_id)
def test_create_with_unexisted_user(self): self.login_as(self.admin) repo_name = randstring(6) repo_owner = '*****@*****.**' % randstring(6) data = { 'name': repo_name, 'owner': repo_owner, } resp = self.client.post(self.libraries_url, data) self.assertEqual(404, resp.status_code)
def test_delete_invalid_user(self): if not LOCAL_PRO_DEV_ENV: return not_existed_user = '******' % (randstring(6), randstring(6)) self.login_as(self.admin) url = reverse('api-v2.1-admin-org-user', args=[self.org_id, not_existed_user]) resp = self.client.delete(url) self.assertEqual(404, resp.status_code)
def test_create_with_invalid_org_id(self): if not LOCAL_PRO_DEV_ENV: return self.login_as(self.admin) invalid_org_users_url = reverse('api-v2.1-admin-org-users', args=[0]) email = '%s@%s.com' % (randstring(6), randstring(6)) data = {'email': email, 'password': randstring(6)} resp = self.client.post(invalid_org_users_url, data) self.assertEqual(400, resp.status_code)
def test_can_get_dir_detail(self): seafile_api.post_dir(self.repo_id, self.folder_path, randstring(3), self.user_name) seafile_api.post_empty_file(self.repo_id, self.folder_path, randstring(3), self.user_name) self.login_as(self.user) resp = self.client.get(self.url + '?path=%s' % self.folder_path) self.assertEqual(200, resp.status_code) json_resp = json.loads(resp.content) assert json_resp['name'] == self.folder_name
def test_create_with_user_number_over_limit(self, mock_user_number_over_limit): if not LOCAL_PRO_DEV_ENV: return mock_user_number_over_limit.return_value = True self.login_as(self.admin) email = '%s@%s.com' % (randstring(6), randstring(6)) data = {'email': email, 'password': randstring(6)} resp = self.client.post(self.org_users_url, data) self.assertEqual(403, resp.status_code)
def test_add_user_form_email_invalid_for_exceed_limit(self, mock_user_number_over_limit): mock_user_number_over_limit.return_value = True user_info = { 'email': '%s@%s.com' % (randstring(10), randstring(10)), 'role': DEFAULT_USER, 'password1': 'password', 'password2': 'password', } f = AddUserForm(data = user_info) assert 'The number of users exceeds the limit.' in str(f['email'].errors)
def test_add_user_form_is_valid(self, mock_user_number_over_limit): mock_user_number_over_limit.return_value = False user_info = { 'email': '%s@%s.com' % (randstring(10), randstring(10)), 'role': DEFAULT_USER, 'password1': 'password', 'password2': 'password', } f = AddUserForm(data=user_info) self.assertTrue(f.is_valid())
def test_modify_shared_repo_with_unregistered_user(self): self._add_shared_items() self.login_as(self.user) unregistered_user = '******' % (randstring(6), randstring(6)) resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % ( self.repo.id, self.folder, unregistered_user), { 'permission': 'r' } ) self.assertEqual(400, resp.status_code)
def setUp(self): self.user_name = self.user.username self.admin_name = self.admin.username if LOCAL_PRO_DEV_ENV: self.org_name = randstring(6) self.org_url_prefix = randstring(6) tmp_user = self.create_user(email='%s@%s.com' % (randstring(6), randstring(6))) self.org_creator = tmp_user.username self.org_id = ccnet_api.create_org(self.org_name, self.org_url_prefix, self.org_creator) self.org_users_url = reverse('api-v2.1-admin-org-users', args=[self.org_id])
def test_add_user_form_email_invalid_for_exceed_limit(self, mock_user_number_over_limit): mock_user_number_over_limit.return_value = True user_info = { 'email':'%s@%s.com' % (randstring(10), randstring(10)) , 'role': DEFAULT_USER, 'password1':'password', 'password2':'password', } f = AddUserForm(data = user_info) assert 'The number of users exceeds the limit.' in str(f['email'].errors)
def test_share_folder_to_unregistered_user(self): self.login_as(self.user) unregistered_user = '******' % (randstring(6), randstring(6)) resp = self.client.put( '/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id, self.folder), "share_type=user&username=%s" % unregistered_user, 'application/x-www-form-urlencoded', ) self.assertEqual(200, resp.status_code) json_resp = json.loads(resp.content) assert len(json_resp['failed']) == 1 assert unregistered_user in json_resp['failed'][0]['email']
def test_add_user_form_is_valid(self, mock_user_number_over_limit): mock_user_number_over_limit.return_value = False user_info = { 'email':'%s@%s.com' % (randstring(10), randstring(10)) , 'role': DEFAULT_USER, 'password1':'password', 'password2':'password', } f = AddUserForm(data = user_info) self.assertTrue(f.is_valid())
def test_share_with_unregistered_user(self): self.login_as(self.user) unregistered_user = '******' % (randstring(6), randstring(6)) resp = self.client.put( '/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id, self.folder), "share_type=user&username=%s" % unregistered_user, 'application/x-www-form-urlencoded', ) self.assertEqual(200, resp.status_code) json_resp = json.loads(resp.content) assert len(json_resp['failed']) == 1 assert unregistered_user in json_resp['failed'][0]['email']
def test_can_create(self): if not LOCAL_PRO_DEV_ENV: return self.login_as(self.admin) email = '%s@%s.com' % (randstring(6), randstring(6)) data = {'email': email, 'password': randstring(6)} resp = self.client.post(self.org_users_url, data) json_resp = json.loads(resp.content) self.assertEqual(200, resp.status_code) assert json_resp['email'] == email
def test_registration_form_is_valid(self, mock_user_number_over_limit): mock_user_number_over_limit.return_value = False user_info = { 'email': '%s@%s.com' % (randstring(10), randstring(10)), 'userid': randstring(40), 'password1': 'password', 'password2': 'password', } f = RegistrationForm(data=user_info) self.assertTrue(f.is_valid())
def test_can_not_delete_if_not_admin(self): if not LOCAL_PRO_DEV_ENV: return email = '%s@%s.com' % (randstring(6), randstring(6)) self.create_user(email=email) ccnet_api.add_org_user(self.org_id, email, 0) assert ccnet_api.org_user_exists(self.org_id, email) == 1 self.login_as(self.user) url = reverse('api-v2.1-admin-org-user', args=[self.org_id, email]) resp = self.client.delete(url) self.assertEqual(403, resp.status_code)
def create_file(self, repo, fname=None): fname = fname or ("文件 %s.txt" % randstring()) furl = repo.get_filepath_url("/" + fname) data = {"operation": "create"} res = self.post(furl, data=data, expected=201) self.assertEqual(res.text, '"success"') return fname, furl
def _add_file_shared_link_with_password(self): password = randstring(6) uls = FileShare.objects.create_file_link(self.user.username, self.repo.id, self.file, password) return (uls.token, password)
def test_delete_file_with_invalid_folder_perm(self): if not LOCAL_PRO_DEV_ENV: return # create a file in user repo sub-folder file_name = randstring(6) seafile_api.post_empty_file(repo_id=self.repo_id, parent_dir=self.folder_path, filename=file_name, username=self.user_name) # share user's repo to admin with 'rw' permission seafile_api.share_repo(self.repo_id, self.user_name, self.admin_name, 'rw') # set sub-folder permisson as 'r' for admin seafile_api.add_folder_user_perm(self.repo_id, self.folder_path, 'r', self.admin_name) # admin can visit file with 'r' permission file_path = posixpath.join(self.folder_path, file_name) assert seafile_api.check_permission_by_path(self.repo_id, file_path, self.admin_name) == 'r' # login as admin, then delete a 'r' permission file self.login_as(self.admin) resp = self.client.delete(self.url + '?p=' + file_path, {}, 'application/x-www-form-urlencoded') self.assertEqual(403, resp.status_code)
def setUp(self): self.tmp_user = self.create_user('*****@*****.**' % randstring(4), is_staff=False) assert len(Profile.objects.all()) == 0 self.url = reverse('edit_profile') self.login_as(self.tmp_user)
def test_can_add_with_blank_and_hyphen(self): resp = self.client.post( reverse("group_add"), {"group_name": "test-group %s" % randstring(6)}, HTTP_X_REQUESTED_WITH="XMLHttpRequest", ) assert json.loads(resp.content)["success"] is True
def create_dir(self, repo): data = {'operation': 'mkdir'} dpath = '/目录 %s' % randstring() durl = repo.get_dirpath_url(dpath) res = self.post(durl, data=data, expected=201) self.assertEqual(res.text, u'"success"') return dpath, durl
def test_rename_folder_with_invalid_folder_perm(self): if not LOCAL_PRO_DEV_ENV: return # share user's repo to admin with 'rw' permission seafile_api.share_repo(self.repo_id, self.user_name, self.admin_name, 'rw') # set sub-folder permisson as 'r' for admin seafile_api.add_folder_user_perm(self.repo_id, self.folder_path, 'r', self.admin_name) # admin can visit sub-folder with 'r' permission assert seafile_api.check_permission_by_path(self.repo_id, self.folder_path, self.admin_name) == 'r' # login as admin, then rename a 'r' permission folder self.login_as(self.admin) new_name = randstring(6) data = {'operation': 'rename', 'newname': new_name} resp = self.client.post(self.url + '?p=' + self.folder_path, data) self.assertEqual(403, resp.status_code)
def create_file(self, repo, fname=None): fname = fname or ('文件 %s.txt' % randstring()) furl = repo.get_filepath_url('/' + fname) data = {'operation': 'create'} res = self.post(furl, data=data, expected=201) self.assertEqual(res.text, '"success"') return fname, furl
def test_registration_form_email_invalid(self, mock_user_number_over_limit): mock_user_number_over_limit.return_value = False user_info = { # invalid email without `@` 'email': '%s%s.com' % (randstring(10), randstring(10)), 'userid': randstring(40), 'password1': 'password', 'password2': 'password', } f = RegistrationForm(data=user_info) assert 'Enter a valid email address.' in str(f['email'].errors)
def test_registration_form_email_invalid_for_exceed_limit( self, mock_user_number_over_limit): mock_user_number_over_limit.return_value = True user_info = { 'email': '%s@%s.com' % (randstring(10), randstring(10)), 'userid': randstring(40), 'password1': 'password', 'password2': 'password', } f = RegistrationForm(data=user_info) assert 'The number of users exceeds the limit.' in str( f['email'].errors)
def test_registration_form_userid_invalid(self, mock_user_number_over_limit): mock_user_number_over_limit.return_value = False user_info = { 'email': '%s@%s.com' % (randstring(10), randstring(10)), # invalid userid length < 40 'userid': randstring(10), 'password1': 'password', 'password2': 'password', } f = RegistrationForm(data=user_info) assert 'Invalid user id.' in str(f['userid'].errors)
def test_invalid_path(self): self.login_as(self.user) invalid_path = randstring(6) # test delete url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = 'group_id=%s&folder_path=%s' % (self.group_id, invalid_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) # test modify url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = 'group_id=%s&folder_path=%s&permission=%s' % (self.group_id, invalid_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) # test add url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = { "group_id": self.group_id, "folder_path": invalid_path, "permission": self.perm_rw } resp = self.client.post(url, data) self.assertEqual(404, resp.status_code)
def test_add_user_form_password_invalid(self, mock_user_number_over_limit): mock_user_number_over_limit.return_value = False user_info = { 'email':'%s@%s.com' % (randstring(10), randstring(10)) , 'role': DEFAULT_USER, # invalid password 'password1':'password1', 'password2':'password2', } f = AddUserForm(data = user_info) # to escape `'` assert escape("The two passwords didn't match.") in str(f.errors)
def test_invalid_path(self): self.login_as(self.user) invalid_path = randstring(6) # test add url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = { "user_email": self.admin_email, "folder_path": invalid_path, "permission": self.perm_rw } resp = self.client.post(url, data) self.assertEqual(404, resp.status_code) # test modify url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = 'user_email=%s&folder_path=%s&permission=%s' % ( self.admin_email, invalid_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) # test delete url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = 'user_email=%s&folder_path=%s' % (self.admin_email, invalid_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code)
def test_create_encrypted_repo(self): """Test create an encrypted repo with the secure keys generated on client side. """ repo_id = str(uuid.uuid4()) password = randstring(16) enc_version = 2 enc_info = seafile_api.generate_magic_and_random_key(enc_version, repo_id, password) data = { 'name': 'enc-test', 'repo_id': repo_id, 'enc_version': enc_version, 'magic': enc_info.magic, 'random_key': enc_info.random_key, } res = self.post(REPOS_URL, data=data) repo = res.json() assert repo['repo_id'] == repo_id assert repo['encrypted'] assert repo['magic'] == enc_info.magic assert repo['random_key'] == enc_info.random_key # validate the password on server set_password_url = apiurl('/api2/repos/{}/'.format(repo['repo_id'])) self.post(set_password_url, data={'password': password}) # do some file operation self.create_file(repo['repo_id'])
def test_search_invalid_user(self): self.login_as(self.admin) invalid_user = randstring(20) resp = self.client.get(reverse('user_search') + '?email=%s' % invalid_user) self.assertEqual(200, resp.status_code) self.assertTemplateUsed('sysadmin/user_search.html') self.assertContains(resp, invalid_user)
def create_repo(self): repo_name = '测试-test-repo-%s' % randstring(6) data = { 'name': repo_name, 'desc': 'just for test - 测试用资料库', } repo = self.post(REPOS_URL, data=data).json() repo_id = repo['repo_id'] return _Repo(repo_id)
def test_rename_file(self): with self.get_tmp_repo() as repo: name, furl = self.create_file(repo) data = { 'operation': 'rename', 'newname': name + randstring(), } res = self.post(furl, data=data) self.assertRegexpMatches(res.text, r'"http(.*)"')
def test_can_add(self): self.client.post(reverse("auth_login"), {"username": self.user.username, "password": "******"}) resp = self.client.post( reverse("group_add"), {"group_name": "test_group_%s" % randstring(6)}, HTTP_X_REQUESTED_WITH="XMLHttpRequest", ) assert json.loads(resp.content)["success"] is True
def test_can_create_in_encrypted_lib(self): password = randstring(8) encrypted_repo_id = seafile_api.create_repo( 'encrypted_repo_name', '', self.user_name, password) dirname = randstring(8) seafile_api.post_dir(repo_id=encrypted_repo_id, parent_dir='/', dirname=dirname, username=self.user_name) self.login_as(self.user) url = reverse("api2-dir-sub-repo", args=[encrypted_repo_id]) args = "?p=/%s&name=%s&password=%s" % (dirname, dirname, password) resp = self.client.get(url + args) json_resp = json.loads(resp.content) assert len(json_resp['sub_repo_id']) == 36 self.remove_repo(encrypted_repo_id)
def test_get_with_email_is_not_admin(self, mock_has_permission): mock_has_permission.return_value = True tmp_user_email = '%s@%s.com' % (randstring(6), randstring(6)) ccnet_api.add_emailuser(tmp_user_email, randstring(6), 0, 1) tmp_user = User.objects.get(email=tmp_user_email) assert not tmp_user.is_staff self.login_as(self.admin) url = reverse('api-v2.1-admin-admin-role') + '?email=%s' % tmp_user_email resp = self.client.get(url) self.assertEqual(403, resp.status_code) json_resp = json.loads(resp.content) assert 'must be an administrator' in json_resp['error_msg'] self.remove_user(tmp_user_email)